Many Internet users hold accounts with many websites, providing services or other functionality such as online banking, online auctions, online shopping, social websites and more. Typically a set of credentials is associated with each account, and at least a subset of these credentials, usually consisting of a username and a password, is used by the website to verify a user's identity. More extensive or limited sets of credentials are also used. Websites that provide more sensitive services, such as online banking, can require more credentials, e.g., a date of birth, a social security number or other types of credentials. Less sensitive services may only require a single identifier, such as an e-mail address.
Users can implement certain practices that can increase the security of their credentials. For example, they can use a mix of letters and numbers, change their passwords frequently and not use the same credentials for signing on to different sites.
Some users find such security practices inconvenient. For example, some users to make use of a single username and a single password for many of their online accounts across different websites. A successful data-mining attack on one of the websites where an account is held can grant the attacker access to the rest of the user's online accounts.
One solution to this inconvenience is to centrally manage the sets of credentials such that the user can cause them to be provided to a website for authentication. Centrally managed credentials are said to be managed by or (logically) stored at a “vault.” When a user wishes to authenticate to a website, the user interacts with a computer (the “client”) to authenticate the user to the vault. The vault can then process a request from the client to authenticate the user to a given website. The vault can look up the credentials stored for the user for the given website and send them to the client, which can submit them to the website to authenticate the user.
What is needed is a way to transparently (to the user) provide the credentials from the vault to the website. If the vault is untrusted, the user credentials can be stored only in an encrypted form at the vault. The key used to encrypt the credentials may be stored at a trusted client or safeguarded by the user. What is needed is an efficient way to transform the encrypted credentials What is also needed is a more sophisticated, layered approach to credentials management.